Overview CVE-2025-65238 describes a broken access control vulnerability discovered in OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11. This flaw allows attackers with low-level privileges to bypass intended access restrictions within the `getSubUsersByProvider` function, potentially leading to the unauthorized disclosure of user records and sensitive information. Technical Details The vulnerability resides within the `getSubUsersByProvider` function of the USSD Gateway. Due to insufficient access control checks, an attacker with minimal privileges can manipulate requests to access and dump user records belonging to other users or providers. This bypass leverages the flawed authorization logic within the specified function. The affected version…

Overview CVE-2025-65237 describes a reflected cross-site scripting (XSS) vulnerability found in OpenCode Systems USSD Gateway OC Release 5. This vulnerability allows attackers to inject malicious JavaScript code into the USSD Gateway’s web interface. When a user interacts with a manipulated URL, the injected script executes within their browser, potentially leading to sensitive data theft, session hijacking, or defacement of the application. Technical Details The vulnerability is a reflected XSS, meaning the malicious script is embedded in a request to the server. The server then includes the unsanitized script in its response, which is executed by the user’s browser. Specifically, a…

Overview CVE-2025-65236 details a SQL injection vulnerability found in OpenCode Systems USSD Gateway OC Release: 5. This vulnerability allows attackers to potentially execute arbitrary SQL queries via the Session ID parameter in the /occontrolpanel/index.php endpoint. Successful exploitation could lead to unauthorized data access, modification, or even complete system compromise. Technical Details The vulnerability resides within the /occontrolpanel/index.php endpoint, specifically in how the application handles the Session ID parameter. Insufficient sanitization of user-supplied input allows an attacker to inject malicious SQL code. This injected code is then executed by the application’s database server. The attack vector is the Session ID parameter,…

Overview A significant security vulnerability, identified as CVE-2025-65235, has been discovered in OpenCode Systems USSD Gateway OC Release 5 Version 6.13.11. This vulnerability is a SQL injection flaw located within the getSubUsersByProvider function, specifically affecting the ID parameter. This could potentially allow malicious actors to execute arbitrary SQL commands, leading to unauthorized data access, modification, or even system compromise. Technical Details The SQL injection vulnerability exists because the getSubUsersByProvider function fails to properly sanitize user-supplied input (the ID parameter) before using it in a SQL query. An attacker can inject malicious SQL code into the ID parameter, which is then…

Overview CVE-2025-63938 is a medium-severity integer overflow vulnerability affecting Tinyproxy versions up to 1.11.2. This flaw resides within the strip_return_port() function in the src/reqs.c file. A malicious actor could potentially exploit this vulnerability to cause a denial-of-service (DoS) condition or, in more complex scenarios, achieve arbitrary code execution. It is crucial to understand the details of this vulnerability and apply the necessary mitigations to protect your Tinyproxy instances. Technical Details The vulnerability lies within the strip_return_port() function, which is responsible for parsing and processing the port number from a client’s request. Due to insufficient validation, a specially crafted request containing…

Overview CVE-2025-46175 identifies a critical Incorrect Access Control vulnerability found in Ruoyi version 4.8.0. This flaw stems from a missing permission check within the authRole method of SysUserController.java, potentially allowing unauthorized users to manipulate role assignments beyond their intended scope. This can lead to privilege escalation and unauthorized data access. Technical Details The vulnerability lies specifically in the authRole method within the SysUserController.java file of Ruoyi v4.8.0. A crucial checkUserDataScope permission check is absent, meaning that under certain conditions, users can potentially modify role assignments for other users or roles without the proper authorization. This can bypass intended security restrictions…

Overview A critical security vulnerability, identified as CVE-2025-62354, has been discovered in Cursor. This flaw, categorized as a command injection vulnerability, could allow an unauthorized attacker to execute arbitrary code on systems running the affected Cursor version. The vulnerability stems from improper neutralization of special elements used in OS commands, bypassing intended allowlists and leading to potentially devastating consequences. Technical Details CVE-2025-62354 is a command injection vulnerability. This means that the application fails to properly sanitize user-supplied input that is later used in the execution of operating system commands. Specifically, Cursor fails to adequately neutralize special characters or commands that…

Overview CVE-2025-56396 describes a privilege escalation vulnerability discovered in RuoYi version 4.8.1. This vulnerability allows attackers to gain elevated privileges within the system, potentially leading to unauthorized access and control. Technical Details The vulnerability stems from a flaw in the access control mechanism within RuoYi 4.8.1. Specifically, the system incorrectly grants permissions based on the owning department of a user or resource, rather than the user’s actual assigned role and permissions. If the owning department has higher privileges than the active user, the user can inherit these higher privileges, effectively escalating their access rights. Further technical details are available in…

Overview A significant security vulnerability, identified as CVE-2025-50402, has been discovered in FAST FAC1200R F400_FAC1200R_Q routers. This vulnerability is a buffer overflow located within the sub_80435780 function and is triggered via the fac_password parameter. This flaw could potentially allow attackers to execute arbitrary code on affected devices, leading to serious security breaches. Technical Details The root cause of CVE-2025-50402 is a buffer overflow vulnerability in the sub_80435780 function of the FAST FAC1200R router’s firmware. The fac_password parameter, when supplied with an input string exceeding the buffer’s capacity, allows for overwriting adjacent memory regions. This can lead to code execution if…

Overview CVE-2025-50399 identifies a buffer overflow vulnerability found in the FAST FAC1200R F400_FAC1200R_Q router firmware. This vulnerability allows attackers to potentially execute arbitrary code or cause a denial-of-service condition by exploiting a flaw in the handling of the password parameter. A successful exploit can compromise the router’s security, potentially granting unauthorized access to the network or disrupting its operation. Technical Details The vulnerability resides within the sub_80435780 function of the FAST FAC1200R firmware. Specifically, the code fails to properly validate the length of the password parameter before copying it into a fixed-size buffer. By providing a password exceeding the buffer’s…